Google TensorFlow 安全漏洞

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A security vulnerability exists in Google TensorFlow 2.4.2, 2.3.3, 2.2.3, 2.1.4, which stems from the absence of loops between nodes of a TFlite graph. No detailed vulnerability details are...

GHSA-FRXX-2M33-6WCR Improper Restriction of Operations within the Bounds of a Memory Buffer in Google TensorFlow

Google TensorFlow 1.7 and below is affected by: Buffer Overflow. The impact is: execute arbitrary code local. Users passing a malformed or malicious version of a TFLite graph into TOCO will cause TOCO to crash or cause a buffer overflow, potentially allowing malicious code to be executed...